STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must separate user functionality (including user interface services) from information system management functionality.

DISA Rule

SV-233114r599599_rule

Vulnerability Number

V-233114

Group Title

SRG-APP-000211

Rule Version

SRG-APP-000211-CTR-000530

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Configure the container platform and its components to separate management and user functionality.

Check Contents

Review the container platform configuration to determine if management functionality is separated from user functionality.

Validate that the separation is also implemented within the components by trying to execute management functions for each component as a user.

If the container platform is not configured to separate management and user functionality or if component management and user functionality are not separated, this is a finding.

Vulnerability Number

V-233114

Documentable

False

Rule Version

SRG-APP-000211-CTR-000530

Severity Override Guidance

Review the container platform configuration to determine if management functionality is separated from user functionality.

Validate that the separation is also implemented within the components by trying to execute management functions for each component as a user.

If the container platform is not configured to separate management and user functionality or if component management and user functionality are not separated, this is a finding.

Check Content Reference

M

Target Key

5239

Comments